Le Lézard
Classified in: Science and technology
Subject: SVY

KnowBe4 Analysis: Lack of Security Awareness Training Allowed Russians to Hack American Election


TAMPA BAY, Fla., July 17, 2018 /PRNewswire/ -- KnowBe4, provider of the world's largest security awareness training and simulated phishing platform, analyzed the official indictment of the Russian GRU officers charged with interfering in the 2016 U.S. presidential election.

KnowBe4 Inc www.knowbe4.com (PRNewsfoto/KnowBe4 Inc.)

According to Stu Sjouwerman, CEO of KnowBe4, and Kevin Mitnick, KnowBe4's Chief Hacking Officer, the GRU officials used the same tradecraft that cybercriminals use daily and that white hat penetration testers use to test their client's controls: social engineering methods including spearphishing. This further proves that hackers of all motives continue to target humans as they're known to be the path of least resistance and one that can be easily broken.

The indictment showed that the Russian hackers targeted more than 300 people, covertly hacked and monitored dozens of computers, secretly implanting a hacking tool that the GRU called X-Agent. The malware allowed operatives in Moscow to remotely take screenshots and capture keystrokes of Democratic Party employees as they tapped on their computers, the indictment states. The GRU team then used another program, called the X-Tunnel, to extract gigabytes of stolen documents through encrypted channels.

"After reading the Russian indictment I was surprised to see that the Russians use the same exact methods we use to test our client's security controls. Our security engineers have never failed to get in when we can use social engineering (phishing, etc) during an assessment," stated Kevin Mitnick, KnowBe4's Chief Hacking Officer. "The biggest takeaway was that spearphishing is *still* the easiest way the bad guys get in. Why the DNC didn't use Multi-Factor Authentication is beyond me. I believe it is the lack of security awareness training that made it easy for the Russians to hack our election."

KnowBe4's complete analysis is available on its blog titled, "Russian Indictment: They Used Criminal TradeCraft Like Spearphishing to Hack the Democratic Party"  

It is important to know what percentage of your users are vulnerable to social engineering attacks. For customers and non-customers alike, KnowBe4 recommends using its free Phishing Security Test to find out what the Phish-prone percentage of your company's users is.

About KnowBe4
KnowBe4, the provider of the world's largest integrated security awareness training and simulated phishing platform, is used by more than 19,000 organizations worldwide. Founded by data and IT security expert Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO fraud and other social engineering tactics through a new-school approach to security awareness training. Kevin Mitnick, internationally recognized computer security expert and KnowBe4's Chief Hacking Officer, helped design KnowBe4's training based on his well-documented social engineering tactics. Thousands of organizations trust KnowBe4 to mobilize their end-users as the last line of corporate IT defense.

Number 231 on the 2017 Inc. 500 list, #70 on 2017 Deloitte's Technology Fast 500 and #2 in Cybersecurity Ventures Cybersecurity 500. KnowBe4 is headquartered in Tampa Bay, Florida with European offices in England, the Netherlands, Germany and offices in South Africa and Singapore.

KnowBe4 Contact:
Jennifer Jewett
Mockingbird Communications for KnowBe4
P: +1 617 913 2404
E: [email protected]

SOURCE KnowBe4


These press releases may also interest you

at 21:15
Techtouch, Inc. (Headquarter: Tokyo, Japan, President/CEO: Naka Imuta) announced today that it ranked 8th in the 21st Technology Fast 50 Japan, with three-year revenue growth of 468.6%. Technology Fast 50 Japan, held annually by Deloitte Tohmatsu...

at 21:00
OKX Ventures, the investment arm of leading crypto exchange and Web3 technology company OKX, today published a report titled 'Unlocking the Infinite Potential of Crypto and AI.' The report explores the convergence of AI and crypto, a major trend in...

at 21:00
The "Strategic Storytelling for Internal Communications: Using the Power of Storytelling to Engage Employees, Manage Organizational Change, and Shape Workplace Cultures" conference has been added to  ResearchAndMarkets.com's offering. The Best...

at 20:50
Pharma (1167.HK), a clinical-stage oncology company drugging the undruggable targets, today announced its 2023 annual results. The revenue was RMB63.5 million, the R&D investment was RMB372 million, the cash and cash equivalent at the end of 2023 was...

at 20:48
Carrieverse Co., Ltd. has announced the grand opening of its Web3 metaverse game, 'Carrieverse', on the 28th of this month. It will be released in most regions around the world, and is expected to attract more than 1.2 million pre-registered users,...

at 20:45
The "Austria Social Commerce Market Intelligence and Future Growth Dynamics Databook - 50+ KPIs on Social Commerce Trends by End-Use Sectors, Operational KPIs, Retail Product Dynamics, and Consumer Demographics - Q1 2024 Update" report has been added...



News published on and distributed by: